You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2013/02/20 05:15:18 UTC
svn commit: r1447993 - in /httpd/httpd/trunk: CHANGES
modules/ssl/ssl_engine_init.c
Author: wrowe
Date: Wed Feb 20 04:15:18 2013
New Revision: 1447993
URL: http://svn.apache.org/r1447993
Log:
mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
in the error log to debug level. [William Rowe]
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1447993&r1=1447992&r2=1447993&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Feb 20 04:15:18 2013
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
+ in the error log to debug level. [William Rowe]
+
*) core: ap_rgetline_core now pulls from r->proto_input_filters.
*) mod_proxy_html: process parsed comments immediately.
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1447993&r1=1447992&r2=1447993&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Wed Feb 20 04:15:18 2013
@@ -91,7 +91,7 @@ static int ssl_tmp_key_init_rsa(server_r
if (FIPS_mode() && bits < 1024) {
mc->pTmpKeys[idx] = NULL;
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01877)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01877)
"Init: Skipping generating temporary "
"%d bit RSA private key in FIPS mode", bits);
return OK;
@@ -140,7 +140,7 @@ static int ssl_tmp_key_init_dh(server_re
if (FIPS_mode() && bits < 1024) {
mc->pTmpKeys[idx] = NULL;
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01880)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01880)
"Init: Skipping generating temporary "
"%d bit DH parameters in FIPS mode", bits);
return OK;
@@ -354,7 +354,7 @@ int ssl_init_Module(apr_pool_t *p, apr_p
}
}
else {
- ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01886)
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01886)
"SSL FIPS mode disabled");
}
#endif